Re: [Samba] can connect to 2 samba servers by name but to one by IPonly
tm...@tms3.com
>
>
> Adding pdc1 to the hosts file (c:\windows\system32\drivers\etc\hosts)
> did
> not make a difference. After adding pdc1 to lmhosts, "net use
> \\pdc1" did
> work. So in the case of pdc1 one, the name is being resolved as a
> netbios
> name (i.e. via lmhosts) not a tcp/ip type name (i.e. via dns or hosts)
>
> But then why does "net use" work with all the other windows or samba
> servers? As far as I can tell, DNS is the only method by which the
> names
> are being resolved.
>
> I did notice that "nbtstat -c" shows the following
What does nbtstat -r show?
>
>
>
> SonicWALL VPN Connection:
> Node IpAddress: [x.x.x.x.] Scope Id: []
>
> NetBIOS Remote Cache Name Table
>
> Name Type Host Address Life [sec]
> ------------------------------------------------------------
> BDC1 <20> UNIQUE x.x.x.x.10 522
> BDC2 <20> UNIQUE x.x.x.x.11 560
> SOMEMACHINE <20> UNIQUE x.x.x.x.12 597
>
>
>
> PDC1 is not in cache- which I guess makes sense since it is
> explicitly
> listed in lmhosts.
>
>
> The "nbtstat -r" command only shows machine on my home network,
> nothing on
> the corporate network, so this really does indicate that there is no
> netbios
> broadcasts going on crossing the VPN link.
>
>
> Thanks
>
>
>
>
> -----Original Message-----
> From: TAKAHASHI Motonobu [mailto:mo...@monyo.com]
> Sent: Thursday, January 06, 2011 8:09 AM
> To: gaiseri...@gmail.com
> Cc: sa...@lists.samba.org
> Subject: Re: [Samba] can connect to 2 samba servers by name but to one
> by IP
> only
>
> 2011/1/6 Gaiseric Vandal <gaiseri...@gmail.com>:
>>
>> In fact this seems to work for any samba or windows
>> machine on the network EXCEPT the Samba 3.4.x PDC. It seems to
>> work
> for
>>
>> Win 2003 machines, Samba 3.4.x member servers, XP machines, etc.
>
> To analyze the problem, first put the entry for PDC1 into both LMHOSTS
> and
> hosts files and try: net use \\pdc1.
>
> If you still meet the 67 error, something other than name resolution
> will
> cause
> this problem. Look at the Samba log and network capture.
>
>>
>> My understanding is that XP (and Win 2000/2003) machines are "smart"
> enough
>>
>> to use DNS look ups to resolve a windows "netbios" name to IP in the
>> case
>> that legacy (archaic) "Netbios" name resolution (WINS, lmhosts,
>> broadcast)
>> methods don't work.
>
> NetBIOS name whose prefix is only #20 ,#00 (and #1C in some case) can
> be resolved
> by DNS.
>
> ---
> TAKAHASHI Motonobu <mo...@samba.gr.jp>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
TAKAHASHI Motonobu
> Adding pdc1 to the hosts file (c:\windows\system32\drivers\etc\hosts) did
> not make a difference. After adding pdc1 to lmhosts, "net use \\pdc1" did
> work. So in the case of pdc1 one, the name is being resolved as a netbios
> name (i.e. via lmhosts) not a tcp/ip type name (i.e. via dns or hosts)
>
> But then why does "net use" work with all the other windows or samba
> servers? As far as I can tell, DNS is the only method by which the names
> are being resolved.
What does "nslookup PDC1" and "ping PDC1" show?
If you have a host named "PDC1.example.com" then nslookup PDC1 may
return the IP address of "PDC1.example.com", not the IP address of
expected "PDC1".
Anyway, you had better debug at the view of DNS name resolution, not Samba.
Gaiseric Vandal
"pdc1.mydomain.com."
ping does not (windows will appropriately add the domain name.)
I have not tried "net use \\pdc1.mydomain.com" from a VPN connection.
I know that "nslookup" and "ping" in Windows have separate name
resolution routines, and handle domain suffixes a little
differently. Again, that should have affected all machines.
Machines on VPN connection get the "mydomain.com" appended to the VPN
virtual NIC, but it is not the default domain for the machine.
I looked at my DNS server- I can't see any differences in the entry for
"pdc1" vs any other machine- even though DNS is the only thing that
would make sense. But VPN clients use the 2ndary DNS servers for name
lookup, not the primary. I may try configuring VPN clients to use
the primary DNS server. None of the server names are 16 characters or
more.
Thanks
Gaiseric Vandal
This is where things stand so far:
Pdc1 is samba 3.4.x
Bdc1 is samba 3.0.x (also the WINS server)
Bdc2 is samba 3.0.x
On an XP Pro machine at work, joined to the domain, the following commands
work
net use \\pdc1
net use \\bdc1
net use \\bdc2
If I connect to work via VPN from either a work machine (which is a domain
member, but logging in using cached credentials) or my home PC (XP Pro but
not in the domain) the following commands fail
net use \\pdc1
net use \\pdc1.mydomain.com
The following commands work
net use \\bdc1
net use \\bdc2
net use \\IP_OF_PDC1
ping pdc1
ping pdc1.mydomain.com
nslookup pdc1.mydomain.com
IN fact, "net use" seems to work for any other Windows or Samba server (in
the same or different domains), just not the PDC1. Since, by default, VPN
clients do NOT use WINS server, this indicates that they are resolving host
names via DNS. (I did try enabling WINS client but it didn't change
anything.)
If the machine is a domain member, "nslookup pdc1" also works.
I use sonicwall VPN client which has a "virtual" nic, which gets an IP
address (including DNS and optionally wins info) from the company DHCP
server, and on the same subnet as the servers and other machines on the
network.
If I update lmhosts on my PC, I can use "net use \\pdc1." This suggests
that XP is NOT using DNS to resolve host name for this host. But that
doesn't make sense, since every other host can be accessed by name.
"nbtstat -r" ("Lists names resolved by broadcast and via WINS") only shows
the other xp machine on my home network, not any of the machines on the
company network, so I am pretty sure I am not resolving server names via
broadcast or wins. Updating hosts file on my XP machine doesn't help
either.
It also should not matter how the server resolves hostnames.
Any thoughts?
Thanks
-----Original Message-----
From: Gaiseric Vandal [mailto:gaiseri...@gmail.com]
Sent: Thursday, January 13, 2011 2:14 PM
To: TAKAHASHI Motonobu
Cc: Samba
Subject: Re: [Samba] can connect to 2 samba servers by name but to one by
IPonly
Gaiseric Vandal
remote XP machine and the samba servers. It does show that the
With a successful connection:
The client sends what appears to be an empty SMB packet to the server on
port 445
SMB: ----- SMB: -----
SMB:
SMB: ""
SMB:
The server responds with a similar packet, then the client starts sending
more information to the server e.g.
NBT: ----- NBT Header -----
NBT:
NBT: Type = SESSION MESSAGE
NBT: Length = 133 bytes
NBT:
SMB: ----- SMB Header -----
SMB:
SMB: CLIENT REQUEST
SMB: Command code = 0x72
SMB: Command name = SMBnegprot
SMB:
SMB: SMB Status:
SMB: - Error class = No error
SMB: - Error code = No error
SMB:
SMB: Header:
SMB: - Tree ID (TID) = 0x0000
SMB: - Process ID (PID) = 0xfeff
SMB: - User ID (UID) = 0x0000
SMB: - Multiplex ID (MID) = 0x0000
SMB: - Flags summary = 0x18
SMB: - Flags2 summary = 0xc853
SMB:
SMB: ByteCount = 98
SMB: Dialect String = PC NETWORK PROGRAM 1.0
SMB: Dialect String = LANMAN1.0
SMB: Dialect String = Windows for Workgroups 3.1a
SMB: Dialect String = LM1.2X002
SMB: Dialect String = LANMAN2.1
SMB: Dialect String = NT LM 0.12
SMB:
However which a failed connection, it looks like the client sends the empty
SMB packet, the server does respond with an empty SMB packet, but then the
client just sends another empty SMB packet.
I am stumped.
I appreciate any advice.